Posted: Thu May 31, 2007 3:57 pm
Maybe something like this (and could you try to tab your code? It makes it a lot easier to read).
Code: Select all
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#E5E5E5" topmargin="0">
<?php
$host = 'localhost';
$username = '****';
$password = '****';
$database = '****';
$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());
$BusinessName = isset($_GET['BusinessName']) ? $_GET['BusinessName'] : '';
$Slogan = isset($_GET['Slogan']) ? $_GET['Slogan']:'';
$Business_Address = isset($_GET['Business_Address']) ? $_GET['Business_Address']:'';
$Tel = isset($_GET['Tel']) ? $_GET['Tel']:'';
$Website = isset($_GET['Website']) ? $_GET['Website']:'';
$Email = isset($_GET['Email']) ? $_GET['Email']:'';
$Member_Status = isset($_GET['Member_Status']) ? $_GET['Member_Status']:'';
$Fax =isset($_GET['Fax']) ? $_GET['Fax']:'';
$type = isset($_GET['type']) ? $_GET['type']:'';
$make = isset($_GET['make']) ? $_GET['make']:'';
$Categories = isset($_GET['Categories']) ? $_GET['Categories']:'';
$Keyword = isset($_GET['Keyword']) ? $_GET['Keyword']:'';
$Picture1 = isset($_GET['Picture1']) ? $_GET['Picture1']:'';
$Headline = isset($_GET['Headline']) ? $_GET['Headline']:'';
$Slogan2 = isset($_GET['Slogan2']) ? $_GET['Slogan2']:'';
$Description1 = isset($_GET['Description1']) ? $_GET['Description1']:'';
$Description2 = isset($_GET['Description2']) ? $_GET['Description2']:'';
$Description3= isset($_GET['Description3']) ? $_GET['Description3']:'';
$Contact2 = isset($_GET['Contact2']) ? $_GET['Contact2']:'';
$Picture2 = isset($_GET['Picture2']) ? $_GET['Picture2']:'';
$Picture3 = isset($_GET['Picture3']) ? $_GET['Picture3']:'';
$Picture4 = isset($_GET['Picture4']) ? $_GET['Picture4']:'';
$User_Name = isset($_GET['User_Name']) ? $_GET['User_Name']:'';
$Password = isset($_GET['Password']) ? $_GET['Password']: '';
/**
* ARE YOU SURE THESE ARE SET?
*/
$User_Name=strtolower($_GET['User_Name']);
/**
* WHY ARE YOU SENDING A PASSWORD THROUGH THE QUERYSTRING?
* THIS IS VERY INSECURE AND COULD DRIVE TRAFFIC AWAY FROM YOUR SITE
*/
$Password=strtolower($_GET['Password']);
// if (isset($_GET['BusinessName'])) {
if (!empty($BusinessName) {
$query = "SELECT * FROM business_info WHERE `BusinessName`= '$BusinessName' ";
$result = mysql_query($query) or die (mysql_error());
$row = mysql_fetch_assoc($result);
$BusinessName= ($row['BusinessName']);
$Keyword =($row['Keyword']);
$Picture1 = ($row['Picture1']);
$Headline = ($row['Headline']);
$Slogan2 = ($row['Slogan2']);
$Description1 =($row['Description1']);
$Description2 = ($row['Description2']);
$Description3= ($row['Description3']);
$Contact2 = ($row['Contact2']);
$Picture2 = ($row['Picture2']);
$Picture3 = ($row['Picture3']);
$Business_Address=($row['Business_Address']);
$make=($row['make']);
$type=($row['type']);
$Tel=($row['Tel']);
$Website=($row['Website']);
}
?>
<center>
<table width="200" border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td valign="top">
<?php include 'includefiles/banner.php'; ?>
<table width="778" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="778" valign="top">
<table width="778" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" bgcolor="#f90102">
<h1><font color='ffffff'><marquee><?php echo $BusinessName; ?></marquee></font></h1>
</td>